<?php

!defined('IN') && exit('Access denied');

if (POST && AJAX) {
    $data = getRequests(array('curr_password','new_password','new_password_confirm'));
    
    if (count($data) != 3) {
        outputJson(0,'请补全信息');
    }

    if (strlen($data['new_password']) < 6) {
        outputJson(0,'为了您的帐户安全，请将密码设置为至少6位字符');
    }

    if ($data['new_password'] != $data['new_password_confirm']) {
        outputJson(0,'两次输入密码不一致');
    }

    $curr_password = $_ENV['db']->fetchCol("SELECT password FROM customer_leader WHERE `leader_id` = '{$_G['uid']}'");
    $new_password = md5($data['new_password']);
    $old_password = md5($data['curr_password']);

    if ($old_password != $curr_password) {
        outputJson(0,'当前密码错误');
    }
    $_ENV['db']->runSql("UPDATE customer_leader SET `password` = '{$new_password}' WHERE `leader_id` = '{$_G['uid']}'");
    outputJson(1,'密码修改成功，将在下次登陆生效');
} else {
    $template->my_page = 'front/modipassword';
}